It is the policy of the Heartland Center for Behavioral Change (“HCBC”) that its business and affairs be conducted at all times in accordance with high ethical standards. To that end, and in accordance with HCBC Code of Conduct, HCBC has designed this Compliance Plan (“Plan”) to create a process to address and work to resolve compliance issues throughout the organization.


This Compliance Plan (“Plan”) has been approved by the Board of Directors of the Heartland Center for Behavioral Change (HCBC) and is intended as a guide for employees, contract providers, members of the Board of Directors, students, and volunteers (collectively referred to as “staff”), so that HCBC may fulfill its obligations to observe federal, state, and local law and public policies affecting its business, and deal fairly with HCBC’ patients and agency providers.


HCBC recognizes that the healthcare regulatory environment is complex and ever-changing and that compliance can be particularly difficult. It also recognizes the problem fraud and other deliberate and accidental misconduct in the health care industry poses to society and seeks to eliminate them from


HCBC. HCBC is committed to developing and implementing an effective Plan in accordance with applicable law and guidance from state and federal health care authorities. With this Plan, HCBC is promoting its continuing commitment to full compliance with all legal duties applicable to this organization and the behavioral health care industry, and to ethical conduct within HCBC.


HCBC is declaring the provisions within this Plan to create an effective corporate compliance plan. This Plan is designed to prevent misconduct, to detect misconduct if it occurs, to prevent future wrongdoing, and to enhance the reputation of HCBC and its employees as ethical providers of health care services. This Plan is intended to recognize and incorporate to the extent possible, the various compliance practices and policies already in place in the organization’s existing policies and procedures.


All HCBC staff is directed to:

  1. Become familiar with and maintain familiarity with this Plan, all applicable legal standards, and HCBC policies and procedures;
  2. Comply with this Plan, HCBC policies and procedures, HCBC’s Code of Conduct and all other applicable legal standards;

iii. Report non-compliance with this Plan, HCBC policies and procedures and all other applicable legal standards to the proper authorities as stated in this Plan or HCBC policies and procedures;

  1. Assist the Compliance Officer as requested. The assistance of all HCBC employees is required to make this Plan operate effectively.


This Plan applies to all members of the Board of Directors, employees, contract providers, students, volunteers, and agents of HCBC. Included in the term “HCBC” are all facilities, divisions, units, departments, and clinics wherever located.


This Plan became effective on July 21, 2011.


  1. Scope


This Plan provides an overview and outline of the compliance activities for HCBC. It is intended that issue-specific and/or department-specific documents will be developed and distributed (as appropriate) to employees to implement this Plan.

  1. Essential Elements of the Plan.


As discussed more fully herein, the Plan contains the following essential elements:

  1. A general Code of Conduct, attached hereto as an Exhibit, which describes HCBC’s standards for conduct in all aspects of its business and affairs in accordance with the law and with high ethical standards.


  1. Designation of a corporate compliance officer with direct reporting authority to the Board and senior management and substantial authority to implement and monitor the Plan.


  1. Standards and policies to guide personnel in specific, identified areas which due to their nature and complexity are identified as key areas of focus for compliance efforts.


  1. Mechanisms to prevent the delegation of substantial discretionary authority to persons with a propensity to engage in illegal activities.


  1. Training and education of all personnel concerning HCBC’s Code of Conduct and, as applicable, issue-specific and department-specific compliance policies and procedures.


  1. Communication mechanisms for employees to raise questions and receive appropriate guidance on compliance issues.


  1. Development and maintenance of mechanisms for employees to report instances of possible non-compliance and a procedure for follow-up, review, and resolution of such reported conduct.


  1. A process for formulating corrective action plans and, if necessary, administering sanctions for any instances of noncompliance.


  1. Regular reviews of the overall compliance effort, including issue-specific and department-specific policies, to assess compliance and update policies as necessary.




Numerous laws and regulations establish obligations for the health care industry with which HCBC and its employees comply. Any employee who violates these laws not only risks individual prosecution, civil actions for damages and penalties and administrative exclusion, but also subjects HCBC to the same risks and penalties. Any employee who violates these laws may be subject to immediate termination of his or her employment or affiliation with HCBC.


Attached as Exhibit A are some of the major federal statutes specifically applicable to health care providers. This outline is not intended to identify all applicable laws, and as described below, staff should always consult their supervisor, department manager, or the Compliance Officer with specific questions.


In addition to applicable federal and state laws, HCBC has developed a Code of Conduct (“Code”). The Code is to be used by HCBC, its employees and agents as a guideline for ethical decision making and conduct in performing the business of HCBC. Promotion and adherence to, the Code will be an element in evaluating the performance of managers, supervisors, and all other staff of HCBC.

As a condition of employment/contract, each staff member of HCBC must certify, in writing, that he or she has received, read, understood, and will abide by HCBC Code.


To meet the requirements of this Plan, HCBC has developed written policies and procedures demonstrating HCBC’s commitment to compliance with all federal and state health care statutes, regulations, and guidelines, including the requirements of the Federal health care programs. The written policies articulate specific procedures staff should follow when submitting initial or follow-up claims to Federal health care programs.


HCBC will at least annually review these policies and procedures and will make any necessary revisions. Revised policies and procedures will be distributed as needed through the Compliance Officer and will be available through HCBC’s intranet.




This Plan operates under the guidance and supervision of HCBC’s Board of Directors. The Board of Directors reviews the effectiveness of and compliance with the Plan, recommends revisions to the Plan, receives reports on compliance issues and monitors follow-up and corrective action.


The CEO of HCBC, subject to the approval of the Board of Directors, will appoint a Compliance Officer. The Compliance Officer will assume the managerial and administrative tasks involved in establishing this Plan and shall continue to act as Compliance Officer until such time as he or she is replaced by another appointee. The Compliance Officer shall solely represent HCBC and not any member of the Board of Directors, officer or employee.


The Compliance Officer will also serve as the Privacy Officer to provide oversight to specific privacy issues related to the Health Insurance Portability and Accountability Act (“HIPAA”) and 42 CFR Substance Abuse Treatment Privacy.


In addition, the CEO will appoint a Security Officer to provide oversight to specific security issues related to the Health Insurance Portability and Accountability Act (“HIPAA”). Duties of the Security Officer are described in the job description for this position.


Under this Plan, the Compliance Officer has complete discretion to fully investigate possible instances of non-compliance and to initiate corrective action when instances of non-compliance are discovered.


The Compliance Officer’s duties shall include:

  • Supervising the implementation of this Plan to ensure system-wide compliance with applicable federal and state laws and regulations,
  • Coordinating departmental efforts to implement compliance objectives,
  • Establishing and supervising the programs designed to detect misconduct,
  • Conferring generally with Management concerning matters related to the Plan,
  • Notifying employees of these compliance standards,
  • Supervising and evaluating monitoring and auditing procedures,
  • Implementing all mechanisms for reporting suspected compliance violations,
  • Training and educating employees about these standards,
  • Receive and investigate reports of possible illegal conduct or other conduct that violates the Code of Conduct or any compliance policies or suspected misconduct,
  • Assisting in addressing compliance issues that arise from audits or reporting mechanisms,
  • Assist in developing corrective action plans and sanctions to address compliance issues,
  • Coordinating with legal counsel in response to identified compliance questions, concerns, or federal/state inquires or investigations,
  • Reporting violations to the CEO of HCBC,
  • Assisting in the compliance effort of the agency Security Officer,
  • Furnishing the Board of Directors of HCBC, at least annually, with a report concerning the functioning of the Plan, any recommended modifications to the Plan or HCBC’s policies and procedures, and such other matters as may be provided for herein or as the Compliance Officer deems advisable,
  • Communicating with the CEO of HCBC regularly, and
  • Carrying out such other duties as are assigned by this Plan and such other actions as are necessary and appropriate to implement the Plan.


All questions and concerns regarding compliance with the standards set forth in this Plan shall be directed to the Compliance Officer. All HCBC staff must fully cooperate and assist the Compliance Officer as required in the exercise of his or her duties. If a member of the HCBC staff is uncertain whether specified conduct is prohibited, the employee or agent must contact the Compliance Officer or Security Officer for guidance prior to engaging in such conduct.




In conjunction with the Compliance Officer, the Compliance Team will ensure implementation of the Plan, measure and assess its effectiveness, recommend revisions, receive reports from the Compliance Officer concerning hotline calls and reported incidents, assist in internal investigations as appropriate, and assist in the implementation of remedial actions. Education, ongoing monitoring, and development of policies and procedures will also represent key responsibilities of the team. The team will consist of the following permanent members:


  • CEO
  • Board representative
  • Substance Abuse Services Executive
  • Quality Assurance Executive
  • Chief Financial Officer
  • Compliance Officer
  • Human Resources’ Director


In addition to the above permanent members, the Security Officer may be added as needed to assist in specific areas of compliance. The team will meet periodically at the discretion of the Compliance Officer.




For purposes of this Plan, an “Ineligible Person” shall be any individual or entity who: (i) is currently excluded, suspended, debarred or otherwise ineligible to participate in the Federal health care programs; or (ii) has been convicted of a criminal offense related to the provision of health care items or services and has not been reinstated in the Federal health care programs after a period of exclusion, suspension, debarment, or ineligibility.


HCBC shall not hire or engage as contractors or grant staff credentialing to any Ineligible Person. To prevent hiring or contracting with any Ineligible Person, HCBC shall screen all prospective employees and prospective contractors prior to engaging their services and screen clinicians prior to credentialing by (i) requiring applicants to disclose whether they are Ineligible Persons, and (ii) reviewing the General Services Administration’s List of Parties Excluded from Federal Programs and the HHS/OIG Cumulative Sanction Report.


Within sixty (60) days of the effective date of this Plan, HCBC will review its list of current employees and contractors and clinicians with staff credentialing against the Exclusion Lists. Annually, HCBC will review its list of current employees and contractors and clinicians with staff credentialing. If HCBC learns that an employee, agent, or clinician has become an Ineligible Person, HCBC will remove such person from responsibility for, or involvement with, HCBC’s business operations related to the Federal health care programs and shall remove such person from any position for which the person’s salary or the items or services rendered, ordered, or prescribed by the person are paid in whole or part, directly or indirectly, by Federal health care programs or otherwise with Federal funds at least until such time as the person is reinstated into participation in the Federal health care programs.


If HCBC has notice that an employee or contractor is charged with a criminal offense related to any Federal health care program, or is suspended or proposed for exclusion during his or her employment or contract with HCBC, within 10 days of receiving such notice HCBC will remove such individual from responsibility for, or involvement with, HCBC’s business operations related to the Federal health care programs until the resolution of such criminal conviction, suspension, or proposed exclusion.




All staff will receive a copy of this Plan and will sign an acknowledgement form stating that they have received the plan. HCBC will educate all staff about the Compliance Plan through a training program coordinated by the Compliance Officer. New staff is required to complete a training program within thirty (30) days of employment/contract. Staff will also complete annual training dealing with compliance with laws and/or with the Plan. This general training will at a minimum include a review of the Code of Conduct (highlighting any revisions), the Compliance Plan and responsibilities of employees under the Plan. Verification of training session attendance will be retained by the Compliance Officer.


Persons involved in the preparation or submission of claims for reimbursement from Federal health care programs will annually receive specialized training in the areas of billing and reimbursement laws, regulations and rules as well as appropriate billing policies, procedures and practices. This specialized training may focus on complex areas or on areas in which the Compliance Officer has deemed a high-risk of misconduct exists. As new developments or concerns arise, the Compliance Officer may require additional training sessions for some or all staff.


In its commitment to ensure that employees received appropriate training to perform their jobs in a manner consistent with this Plan, staff may receive some of their training in outside venues. All outside training that relates to issues covered by this Plan should be documented and retained by the Compliance Officer.


Attendance at schedule training sessions shall be mandatory and only the Compliance Officer shall have authority to excuse absences from such sessions. A written record of attendance at each session shall be made and retained by the Compliance Officer.

The Compliance Officer shall also establish a mechanism for employees to raise questions and receive, prompt, appropriate guidance on compliance issues.


Upon completion of initial training efforts (but no later than six months after training began), the Compliance Officer shall conduct a systematic assessment of the effectiveness of the training and shall report in writing to the Board regarding the same. The Compliance Officer shall arrange for any follow-up training necessary to address any deficiencies revealed in the course of the assessment.


The Compliance Officer shall make a yearly report to the CEO and the Board of Directors concerning compliance with the above training requirements.




  1. Audits


The Compliance Officer will establish a monitoring process to insure that all compliance programs are working properly. The Compliance Officer shall direct and supervise all internal compliance monitoring systems. Audit procedures and monitoring processes will be implemented which are designed to detect billing inaccuracies, breaches of privacy standards or other instances of potential misconduct as quickly as possible.


The Compliance Officer shall conduct or direct periodic audits of all departments and units to assess compliance with the standards and policies established in this Plan, including privacy and billing standards as described in operational policy. Audit guidelines will be developed for test criteria, audit tests and follow-ups. Such audits shall be conducted and the results reported to the Compliance Team quarterly and the Board not less than annually.


  1. Response to Non Compliance


If an audit reveals potential non-compliant conduct, an investigation shall be initiated and appropriate corrective action taken.


The Compliance Officer may also engage at any time an outside audit or consulting firm to address specific compliance issues. External auditors engaged to perform the annual financial audit may also be utilized to review compliance.


Audit work documents will be retained by the Compliance Officer for seven (7) years.


  1. Policy Update


As a part of the ongoing monitoring and auditing of the Plan, the Compliance Officer will, in cooperation with department representatives, ensure that policies and procedures are updated to reflect current regulatory issues and additional training is provided as necessary to assure continued compliance. Such policy and procedure and training updates shall occur not less than annually.


  1. Contracts


All contracts and other arrangements with network providers and other suppliers will be reviewed to verify that none of these compliance standards is violated by those agreements. It is expected that all business associates will comply with applicable standards. In the event that non-compliance is suspected or discovered, identified concerns will be discussed with the agency/individual with the expectation of resolution. Contracted agencies/individuals that do not cooperate to resolve compliance issues will have their contracts with HCBC terminated.


  1. Document and Record Retention HCBC shall maintain for inspection all documents and records relating to reimbursement from the Federal health care programs for seven (7) years (or longer if otherwise required by law).




  1. Employee’s Duty


The Compliance Officer shall ensure that procedures are established and publicized whereby all staff can report any suspected violation of law or regulation or of the Plan and/or to ask questions when there is an issue regarding actions or conduct that might violate the law or the Plan.


All employees of HCBC have the following duties and obligations with respect to this Plan:


  1. To report their good faith belief of any possible violations of law occurring within HCBC or involving HCBC’s assets, or any violation of this Plan;


  1. To cooperate fully with the Board of Directors, the Compliance Officer and their agents, in their investigations.


No staff or agent who makes good faith reports of suspected misconduct to HCBC may be retaliated against or otherwise disciplined by HCBC or any staff or agents associated with HCBC. The Compliance Officer shall review personnel records and information periodically for those individuals who have reported suspected misconduct to ensure that they are not the victims of retaliation or other improper conduct. In addition, the Compliance Officer has the authority to withhold the names of employees who report information.


The Compliance Officer does not, however, have the authority to unilaterally extend any protection or immunity from disciplinary action or prosecution to any staff who has engaged in misconduct.

For any disclosure made through HCBC’s reporting mechanisms that is sufficiently specific so that it reasonably


(i) permits a determination of the appropriateness of the alleged improper practice, and

(ii) provides an opportunity for taking corrective action, HCBC shall conduct an internal review of the allegations set forth in such a disclosure and ensure that proper follow-up is conducted.


The Compliance Officer shall maintain a confidential disclosure log, which shall include a record and summary of each allegation received, the status of the respective investigations, and any corrective action taken in response to the investigation.


  1. Hotline


HCBC has established a Hotline through which staff may report information about suspected misconduct. The Hotline is located in the Compliance office. The Hotline is attached to a secured voice-mail system accessible only by the Compliance Officer.  In addition, the Hotline may be utilized by employees who have questions about these compliance standards and their legal duties. Such questions will be answered by the Compliance Officer, who will formulate a response.


All callers who wish to remain anonymous will be designated by an identification number. This number may be utilized by the caller to identify himself or herself if additional information becomes available or if further questioning is necessary.


Any staff or agent of HCBC who misuses this Hotline shall be subject to disciplinary action.


The Hotline number is (816) 421-6670 Extension 1257.


  1. Mailbox


The Compliance Officer has established a locked mailbox to be used by employees as an anonymous reporting mechanism regarding suspected misconduct. Pre-numbered forms are available at the mailbox to be used for reporting information. The employee should retain a copy of the form and the number on the form can be used to contact the Compliance Officer to provide additional information or to check on the progress of the investigation.


The locked mailbox is located at:


Heartland Center for Behavioral Change, Inc.

1730 Prospect Suite 100

Kansas City, MO 64127


Any employee or agent of HCBC who misuses the mailbox shall be subject to disciplinary action.


  1. Written Reports


Written reports may be provided to the HCBC Compliance Officer at the following address:


Personal and Confidential

Compliance Officer

Heartland Center for Behavioral Change, Inc.

1730 Prospect Suite 100

Kansas City, MO 64127


  1. Publicity


Annually during the required training program, information will be distributed to each employee outlining the methods for reporting suspected violations of the law or this Plan. The information will emphasize:

  1. that each employee has a duty to report, in good faith, any suspected violations;
  2. the ability to make any reports of suspected violations anonymously;

iii. that no employee shall suffer any penalty or retribution for good faith reporting of any suspected misconduct or impropriety;

  1. that HCBC encourages employees to contact the Compliance Officer before engaging in conduct that the employee questions whether it might violate the law or the Plan; and
  2. failure to report suspected violations may lead to discipline, including termination of employment.




If misconduct is detected, the Compliance Officer must immediately inform the CEO and supervising Executive. The CEO and supervising Executive, and the Compliance Officer will then determine the response HCBC considers, in light of all available information, to be appropriate. HCBC shall immediately evaluate the need for immediate removal of staff, steps to prevent alteration or destruction of documents, halting invoices or other requests for funds in process that may contain errors, launching an investigation, protecting whistleblowers, and preparation to notify governmental regulators.


The procedure for undertaking an investigation shall include, but need not be limited to the following:

  1. Notification of the CEO and supervising Executive;
  2. Interview of the complainant and others who may have knowledge related to the complaint;
  3. Review of relevant documents;
  4. Review of applicable law/ regulations and agency policies;
  5. Report (including nature of the problem; investigation procedure; persons who acted inappropriately and their degree of culpability; estimate of nature and extent of liability or overpayment due, if any).


  1. Recommendation for response and corrective action.


The next stages of a response may include revising this Plan to prevent the occurrence of future misconduct in the area, increasing auditing and monitoring procedures, replacing supervisors who, although not involved in the misconduct, nonetheless failed to adequately supervise and control employees’ behavior, or reporting the responsible individuals and their misconduct to the appropriate governmental agency. The CEO, Compliance Officer, and/or members of the Compliance Team, in consultation with agency counsel, will assess any employee misconduct and enforce an appropriate penalty.


If HCBC discovers credible evidence of misconduct from any source and, after reasonable inquiry, has reason to believe that the misconduct may violate criminal, civil, or administrative law concerning HCBC’s practices relating to the Federal health care programs, then HCBC shall promptly report the probable violation of law to the State regulators and where appropriate, the Office of the Inspector General of the department of Health and Human Services or the Office of Civil Rights. HCBC shall make this disclosure as soon as practical, but not later than thirty (30) days after becoming aware of the existence of the probable violation.




Failure to comply with these standards will result in disciplinary action up to and including discharge. All claims of suspected misconduct will be investigated by HCBC. Any employees who are involved in verified misconduct will be subject to disciplinary action. Disciplinary action will be taken in accordance with existing and applicable HCBC policies and procedures.

HCBC reserves the right to exercise discretion in penalizing those who violate these standards; however, all such exercises of discretion must be reported to the Board.


The Compliance Officer shall establish and administer, in conjunction with the Human Resources Manager, a corporate-wide disciplinary system, including written disciplinary procedures, designed to produce appropriate and consistent results in disciplinary cases for non-compliance with the Plan.

HCBC’s Plan will be consistently enforced through appropriate disciplinary mechanisms. Disciplinary actions may include termination, and may extend to individuals responsible for the failure to prevent, detect or report an offense.


The disciplinary system shall provide that appropriate HCBC executives and CEO, in consultation with the Compliance Officer, will make disciplinary decisions.


The Human Resources Manager will maintain records of all disciplinary actions taken for violations of the Plan. Any discipline shall be appropriately documented in the employee’s personnel file, along with a statement of reasons for imposing such discipline. In addition, the Compliance Officer shall maintain records of all disciplinary actions and periodically review those records to ensure that discipline is being administered in a consistent manner. The Compliance Officer shall report disciplinary results, quarterly to the Board of Directors. The Compliance Officer shall also report annually to the Board of Directors regarding the effectiveness of the disciplinary system in deterring compliance violations.


  1. Employee/Vendor Screening


As part of its ongoing corporate compliance activities, HCBC shall take reasonable steps to prevent the delegation of substantial discretionary authority to persons with a propensity to engage in illegal activities. These steps shall include screening certain prospective employees, vendors and contractors to determine whether they have been convicted of a healthcare related offense or debarred, excluded or otherwise made ineligible for participation in federal health care programs.


It shall be the responsibility of the HR Manager to check the Office of the Inspector General exclusions database to ensure that all prospective candidates for employment are eligible for employment and are not listed as ineligible for employment. A similar process shall be used under the supervision of the Chief Financial Officer to check that vendors are eligible for work with HCBC.



Original: August 1, 2011

Revised: January 1, 2013

Revised: August 6, 2016